Skip to content
Open
47 changes: 47 additions & 0 deletions recipes-devtools/sectools/sectools-native_1.48.0.bb
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
SUMMARY = "Qualcomm Sectools v2 -- image signing / verification tool"
DESCRIPTION = "Qualcomm Security Tools v2: the host \
binary used to sign, verify and inspect Qualcomm firmware images (XBL, \
TZ, modem, etc.) according to a per-chipset Security Profile XML"
HOMEPAGE = "https://softwarecenter.qualcomm.com/catalog/item/Qualcomm_Security_Tools"
LICENSE = "LICENSE.qcom-2"

LIC_FILES_CHKSUM = "file://${UNPACKDIR}/${ZIP_TOPDIR}/CHANGES.txt;md5=d2a0bb01dcd8befe660b832fbbe05900"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not really correct, started an internal thread to see if we can have a license inside the zip file.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, that was actually the issue (no LICENSE file inside the archive )

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Drop UNPACKDIR. Also, can we work with the sectools authors to include the licence into the archive?

ZIP_TOPDIR = "1.48"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PV?

@ricardosalveti Ricardo Salveti (ricardosalveti) Jun 24, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Saw now that the directory is 1.48.0 but the zip is 1.48.zip, not great.


SRC_URI = "https://softwarecenter.qualcomm.com/api/download/software/tools/Qualcomm_Security_Tools/All/${PV}/${ZIP_TOPDIR}.zip;name=sectools-zip;downloadfilename=qcom-sectools-${PV}.zip"
SRC_URI[sectools-zip.sha256sum] = "d89773bbfcc9c80c871b628bd2e766460a876277661ed6634d57590b7fd80fba"

S = "${UNPACKDIR}/${ZIP_TOPDIR}"

INHIBIT_DEFAULT_DEPS = "1"

inherit native

do_configure[noexec] = "1"
do_compile[noexec] = "1"

# Pick the per-platform sectools binary that matches the build host.
SECTOOLS_PLATFORM_DIR = "${@'Linux_aarch64' if d.getVar('BUILD_ARCH') == 'aarch64' else 'Linux'}"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should also set COMPATIBLE_HOST.


# Stage the per-platform sectools binary under ${datadir}/sectools/ and
# drop a thin symlink into ${bindir} so consumers can invoke `sectools`
# from PATH regardless of which subdir was selected.
do_install() {
install -d "${D}${datadir}/sectools/${SECTOOLS_PLATFORM_DIR}"
install -m 0755 "${S}/${SECTOOLS_PLATFORM_DIR}/sectools" \
"${D}${datadir}/sectools/${SECTOOLS_PLATFORM_DIR}/sectools"

install -d "${D}${bindir}"
ln -sf "../share/sectools/${SECTOOLS_PLATFORM_DIR}/sectools" \
"${D}${bindir}/sectools"

install -m 0644 "${S}/CHANGES.txt" "${D}${datadir}/sectools/CHANGES.txt"
}

do_unpack[postfuncs] += "sectools_chmod_unpacked"
sectools_chmod_unpacked() {
chmod -R u+w "${UNPACKDIR}"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why?

}

FILES:${PN} += "${datadir}/sectools"
INSANE_SKIP:${PN} += "already-stripped"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing EOL.

Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
SUMMARY = "Qualcomm Security Profiles"
DESCRIPTION = "Per-chipset Security Profile XML files consumed by Sectools"
HOMEPAGE = "https://github.com/qualcomm/security-profiles"
LICENSE = "BSD-3-Clause-Clear"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=2998c54c288b081076c9af987bdf4838"

SRC_URI = "git://github.com/qualcomm/security-profiles.git;protocol=https;branch=main"
SRCREV = "122f1917af2b428880a7607ed705bb46bec66f5b"

inherit native

do_configure[noexec] = "1"
do_compile[noexec] = "1"

# Install the XML profiles into a well-known native datadir location
# so qcom-firmware-sign.bbclass can resolve them by filename via
# QCOM_FIRMWARE_SIGN_SECPROFILE.
do_install() {
install -d "${D}${datadir}/qcom-security-profiles"
install -m 0644 "${S}"/*_security_profile.xml \
"${D}${datadir}/qcom-security-profiles/"
}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing EOL.